[Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Nov 30 20:27:13 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6f05cae2 by Salvatore Bonaccorso at 2021-11-30T21:26:47+01:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5109,7 +5109,7 @@ CVE-2021-3919
CVE-2021-43203 (In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 a ...)
NOT-FOR-US: JetBrains Ktor
CVE-2021-43202 (In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is m ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2021-43201 (In JetBrains TeamCity before 2021.1.3, a newly created project could t ...)
NOT-FOR-US: JetBrains TeamCity
CVE-2021-43200 (In JetBrains TeamCity before 2021.1.2, permission checks in the Agent ...)
@@ -6643,9 +6643,9 @@ CVE-2021-42547
CVE-2021-42546
RESERVED
CVE-2021-42545 (An insufficient session expiration vulnerability exists in Business-DN ...)
- TODO: check
+ NOT-FOR-US: Business-DNA Solutions
CVE-2021-42544 (Missing Rate Limiting in Web Applications operating on Business-DNA So ...)
- TODO: check
+ NOT-FOR-US: Business-DNA Solutions
CVE-2021-42543 (The affected application uses specific functions that could be abused ...)
NOT-FOR-US: AzeoTech
CVE-2021-42542 (The affected product is vulnerable to directory traversal due to misha ...)
@@ -8833,23 +8833,23 @@ CVE-2021-42125
CVE-2021-42124
RESERVED
CVE-2021-42123 (Unrestricted File Upload in Web Applications operating on Business-DNA ...)
- TODO: check
+ NOT-FOR-US: Business-DNA Solutions
CVE-2021-42122 (Insufficient Input Validation in Web Applications operating on Busines ...)
- TODO: check
+ NOT-FOR-US: Business-DNA Solutions
CVE-2021-42121 (Insufficient Input Validation in Web Applications operating on Busines ...)
- TODO: check
+ NOT-FOR-US: Business-DNA Solutions
CVE-2021-42120 (Insufficient Input Validation in Web Applications operating on Busines ...)
- TODO: check
+ NOT-FOR-US: Business-DNA Solutions
CVE-2021-42119 (Persistent Cross Site Scripting in Web Applications operating on Busin ...)
- TODO: check
+ NOT-FOR-US: Business-DNA Solutions
CVE-2021-42118 (Persistent Cross Site Scripting in Web Applications operating on Busin ...)
- TODO: check
+ NOT-FOR-US: Business-DNA Solutions
CVE-2021-42117 (Insufficient Input Validation in Web Applications operating on Busines ...)
- TODO: check
+ NOT-FOR-US: Business-DNA Solutions
CVE-2021-42116 (Incorrect Access Control in Web Applications operating on Business-DNA ...)
- TODO: check
+ NOT-FOR-US: Business-DNA Solutions
CVE-2021-42115 (Missing HTTPOnly flag in Web Applications operating on Business-DNA So ...)
- TODO: check
+ NOT-FOR-US: Business-DNA Solutions
CVE-2021-42114 (Modern DRAM devices (PC-DDR4, LPDDR4X) are affected by a vulnerability ...)
NOT-FOR-US: hardware vulnerability in DRAM devices (Blacksmith)
NOTE: https://comsec.ethz.ch/wp-content/files/blacksmith_sp22.pdf
@@ -8917,7 +8917,7 @@ CVE-2021-41133 (Flatpak is a system for building, distributing, and running sand
CVE-2021-42100
RESERVED
CVE-2021-42099 (Zoho ManageEngine M365 Manager Plus before 4421 is vulnerable to file- ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-42098 (An incomplete permission check on entries in Devolutions Remote Deskto ...)
NOT-FOR-US: Devolutions
CVE-2021-42097 (GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csr ...)
@@ -9940,11 +9940,11 @@ CVE-2021-41681
CVE-2021-41680
RESERVED
CVE-2021-41679 (A SQL injection vulnerability exists in version 8.0 of openSIS when My ...)
- TODO: check
+ NOT-FOR-US: openSIS
CVE-2021-41678 (A SQL injection vulnerability exists in version 8.0 of openSIS when My ...)
- TODO: check
+ NOT-FOR-US: openSIS
CVE-2021-41677 (A SQL injection vulnerability exists in version 8.0 of openSIS when My ...)
- TODO: check
+ NOT-FOR-US: openSIS
CVE-2021-41676 (An SQL Injection vulnerabilty exists in the oretnom23 Pharmacy Point o ...)
NOT-FOR-US: oretnom23 Pharmacy Point of Sale System
CVE-2021-41675 (A Remote Code Execution (RCE) vulnerabilty exists in Sourcecodester E- ...)
@@ -16369,7 +16369,7 @@ CVE-2021-39001
CVE-2021-39000 (IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to ob ...)
NOT-FOR-US: IBM
CVE-2021-38999 (IBM MQ Appliance could allow a local attacker to obtain sensitive info ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-38998
RESERVED
CVE-2021-38997
@@ -34060,7 +34060,7 @@ CVE-2021-31789
CVE-2021-31788
RESERVED
CVE-2021-31787 (The Bluetooth Classic implementation on Actions ATS2815 chipsets does ...)
- TODO: check
+ NOT-FOR-US: Bluetooth Classic implementation on Actions ATS2815 chipsets
CVE-2021-31786 (The Bluetooth Classic Audio implementation on Actions ATS2815 and ATS2 ...)
NOT-FOR-US: Actions ATS
CVE-2021-31785 (The Bluetooth Classic implementation on Actions ATS2815 and ATS2819 ch ...)
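Review bot: the new tag on CVE-2021-31787 is spelled out as "NOT-FOR-US: Bluetooth Classic implementation on Actions ATS2815 chipsets", while the entry directly below it, CVE-2021-31786, uses the short form "NOT-FOR-US: Actions ATS" for an issue in the same chipset family. Using the same short tag here would keep the neighbouring entries consistent and let one search over data/CVE/list find all of them.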
@@ -124982,7 +124982,7 @@ CVE-2020-7881 (The vulnerability function is enabled when the streamer service r
CVE-2020-7880 (The vulnerabilty was discovered in ActiveX module related to NeoRS rem ...)
TODO: check
CVE-2020-7879 (This issue was discovered when the ipTIME C200 IP Camera was synchroni ...)
- TODO: check
+ NOT-FOR-US: ipTIME C200 IP Camera
CVE-2020-7878
RESERVED
CVE-2020-7877 (A buffer overflow issue was discovered in ZOOK solution(remote adminis ...)
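Review bot: CVE-2020-7880, in the context line directly above the changed entry, still reads "TODO: check" after this commit, so this block stays partly untriaged. If it was left open on purpose, a NOTE line saying why would help the next person. Otherwise it can be triaged in a follow-up pass.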
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f05cae2333e6b34284502bc90d495eb25cd00ae